Millions of European citizens, and hundreds of thousands of SMEs, use on a daily basis a number of popular services that offer storage of digital data in the cloud. Most of these services operate outside EU territory, thus raising practical and legal concerns about the privacy and security of EU citizens’ data.

Additionally, in many cases, the ‘terms of use’ of these services are vague and require users to grant broad rights over their data to service providers (including copyright and the rights to redistribute, process and create ‘derivative works’ from the original digital files, without proper clarification of what this processing might entail). Important questions are raised about the implications of the service agreements users enter into and the protection of their data. Considering the popularity of cloud services this uncertainty does not help the adoption of digital services on behalf of EU citizens and the building of trust in the Digital Single Market.

In view of the above:

1.

Does the Commission intend to evaluate the extent to which companies offering cloud storage services comply with EU legislation on privacy and security of digital data (including the Safe Harbour Agreement)?

2.

Does the Commission intend to ask for written clarification and commitments from these companies about the processing to which EU citizens’ data are subjected?

3.

Would the Commission consider developing a digital observatory to inform EU citizens about the degree to which popular cloud and web 2.0 services comply with the provisions of EU legislation?